I'm replacing a current https webservice.
The webservice and clients have the current SSL certificate. The cert was issue to example.test.local, which correlates to the domain of the web service:
https:\example.test.local:4434\test\example.svc
I'm replace the current web service and domain address it uses:
https:\example1.test.local:4434\test\example2.svc
Can I reuse the original SSL certificate with my new web service URL?
Thanks for any help.
If your certificate is not issued for the new domain example1.test.local, then you can't use it. Client apps won't trust it and show a warning about wrong domain to users.
You need a new certificate.
Related
I have a React.js web app deployed via Google Firebase hosting. I also have an express Rest API deployed via AWS EC2. I have been so far unable to get the React app to interact with the express API because it is using HTTP. I tried to get all the SSL/cert stuff figured out to enable HTTPS on the backend but it seems like it will not work because the cert is not signed by a Certificate Authority.
Is there any workaround or other solution here? Thank you in advance.
A web browser will not accept a self-signed SSL certificate. In order to generate a legitimate SSL certificate you must first own a domain name.
You need to purchase a domain, and point your domain or subdomain to the EC2 instance. Then you need to create an SSL certificate that actually matches that domain name or subdomain, using an SSL provider like Let's Encrypt that will actually be accepted by modern web browsers.
Finally you will need to use that domain name in your API calls.
You could place a Load Balancer, or CloudFront distribution, or AWS API Gateway, in front of the EC2 server, at which point you could use a free AWS ACM SSL certificate.
If you don't want to purchase a domain name, you could still place CloudFront or API Gateway in front of the server and use their default endpoint which will also provide SSL.
I created a front-end hosted at www.example.com through netlify. The front-end makes API calls to a load balancer address hosted on AWS. Through Netlify, I set up an A record, so that server.example.com points to the load balancer. In Amazon Certificate Manager, I got certificate imported successfully for example.com and server.example.com by creating CNAME records in Netlify.
However, when I visit server.example.com in the browser, it properly loads my Express Server, but it says Not Secure in the browser despite being served over https. It says the certificate is invalid.
I'm wondering how to get the certificate to be valid at server.example.com - any help would be much appreciated, as I've struggled with this for two days now.
Thanks!
The issue is that the certificate CN (common name) is drawafterdark.com and you are using it with server.drawafterdark.com. The certificate is valid but client (Chrome) will show that certificate is not valid because hostname doesn't match the CN. You either have to get the certificate for server.drawafterdark.com or wildcard certficate *.drawafterdark.com
You can also add server.drawafterdark.com to the SAN subject alternative name. Then it will we be validate it for both server.drawafterdark.com and drawafterdark.com
I have made a flask application to use only as API. I have hosted it on aws using nginx and gunicorn. I intend to use the API to run my android application. There is a part in the application where i have to download something using Android Download Manager, but it only downloads things hosted in https domains. So i want to make my application https instead http. But every tutorial shows me a way with a purchased domain. I dont have much information on it yet, but I cant get an SSL Certificate from amazon without purchased domain name(which is pointless for an API). I just want to know how can I do this? How can I make my nginx server listen to https requests?
I have hosted it on aws using nginx and gunicorn.
I think you need a domain name to get ssl on AWS.
It is not allowed in AWS.
One part of HTTPS is encryption, the other part is identity verification. What you're asking for is impossible since it is required that you have to verify your domain name. Without this no Certificate authority will sign a certificate. You cannot have publicly valid certificate if it's self-signed. ACM (Amazon Certificate Manager) an AWS service, will not allow you to create a certificate without a valid domain name.
I have a website written in AngularJs which send api request to another server application. If I want user to connect website through https, do I have to make server https also? I have already requested a ssl certificate on AWS with my website address, and applied it on the load balancer of website instance (not server instance). Do I have to request another certificate for my api server?
Thanks.
It is recommended that the communication between the client and server happens over https, especially if private data is being transmitted, such as login data.
Regarding certificates, in order to https to work, the common name (CN) that is used in the certificate must match the fully qualified domain of your server's URL. So yes, you need a new certificate created specifically for your back-end server.
I have developed Facebook canvas app and for canvas App HTTPS and SSL certificate is required. I am planning to purchase SSL certificate but i don't know requirement of Facebook canvas app SSL certificate.My app may be hosted on subdomain or subdomain sub-directory. Please guide me which certificate is better for me.
If you want to secure sub-domain and its sub-directories, you can get multi domain SSL certificate.
Multi domain SSL Certificate will protect domain in following scenarios:
example.com
*.example.com
*.abc.example.com
*.example.net
*.abc.com.au
You can secure up to 100 domains with this certificate.